66
Problems Solved
Buy it from
http://www.snipca.com/42077
Q: When will my iPad become
obsolete?
A: Issue 615, page 66 – find it on
our 2021 Back Issue CD
We don't recommend it, but you can enter a
client code (1) and make a Bitcoin payment (2)
Why are all my files now 7z?
Q
My small-business hard drive
was hacked, and now all of my
stuff has a .7z file extension.
Opening any of these files demands a
password. Is there a way I can get my files
back?
Ken Charlton
A
You didn’t say what type of hard
drive you’ve got, when this
happened or what might have
preceded it, but it sounds like you’ve
fallen victim to a ransomware attack.
Specifically, we think you’ve been hit by
Qlocker, or a variant of it. This is malware
that attacks network-attached storage
(NAS) drives, specifically targetting
models from QNAP (www.qnap.com) –
turning user files into encrypted archives,
password-protected in the 7-Zip (7z) file
format.
QNAP’s advice is essentially to stop
using the device immediately and to
contact the company’s support team, via
https://service.qnap.com. It promises that
it will attempt to recover files. It also
offers a ‘self-service’ tool called QRescue,
but this is very complex and likely to be
beyond the abilities of everyday users.
You can read more about both options on
QNAP’s website, at http://www.snipca.
com/41895. You should also run the
QNAP Malware Removal tool, which is a
free download from http://www.snipca.
com/41896 – but contact QNAP before
doing anything at all.
How successful (or not) the recovery
attempts are will depend on numerous
factors, including how much the drive
has been used since the attack happened,
but QNAP offers no guarantees.
Nonetheless, at this juncture, it is your
least-worst option.
You might justifiably wonder what the
worst option is – which would be to
engage with the hacker. That’s because
the point of ransomware is that the
perpetrator is after a ransom. Sometimes,
if the ransom is paid, the hacker will
send you the password. To be crystal
clear, we absolutely do not advocate
doing this.
However, if you’re absolutely desperate,
then you will find among the remnants of
your locked data a file called ‘!!!READ_
ME.txt’. This will tell you to use the
anonymising Tor web browser
(www.torproject.org) to visit the hacker's
payment page, and to enter a key specific
to your encrypted files (see screenshot^1 ).
There, you’ll be invited to make a
payment in Bitcoin (BTC)^2. For Qlocker,
this is usually 0.02 or 0.03BTC (about
£600-£1,000, depending on the wildly
fluctuating value of Bitcoin). If you’re
lucky, the necessary password will be
revealed. Certainly, with Qlocker attacks
specifically, this has worked for some
people. Equally, there’s no guarantee that
your specific culprit will actually honour
the deal, so you might just be handing
over money for nothing.
Will installing
Windows 11 from
USB circumvent
support woes?
Q
I was intrigued to see in
Issue 628’s Workshop
(page 38) that Windows 11
can be installed from a USB stick,
thus bypassing compatibility checks.
Would installing it in this way
prevent potential problems with
Microsoft not supporting a PC for
future Windows 11 security and
feature updates? How likely is it that
Microsoft will ease hardware
restrictions in future?
Richard Marsh
A
If an update to Windows 11
creates problems for PCs
that Microsoft has deemed
incompatible, then the fact you
bypassed restrictions by installing
the operating system from a USB
will not help.
Microsoft easing hardware
restrictions is not inconceivable,
because it has previously shifted a
few older processors from the
unsupported to supported list.
However, the chances of this
happening again become less likely
over time. So, if the PC Health Check
app (www.snipca.com/41898) is at
this stage still classifying your
computer as unsupported, then we
don’t expect that to change.
Finally, we don’t think Microsoft
would deny people security or
feature updates, but those updates
might not be compatible with
unsupported PCs.
Updating to Windows 11 from a USB is a
risk for PCs deemed incompatible
8 – 21 June 2022 • Issue 633
1
2